https://bz.apache.org/bugzilla/show_bug.cgi?id=62232
--- Comment #23 from Yann Ylavic <ylavic....@gmail.com> --- I could verify my assertions with a configuration like this: Listen 8443 <VirtualHost *:8443> ServerName localhost:8443 SSLEngine on SSLProtocol -all +TLSv1.2 ... </VirtualHost> Listen 8880 <VirtualHost *:8880> ServerName localhost:8880 <Location "/"> SSLOptions StdEnvVars </Location> SSLProxyEngine on SSLProxyVerify none SSLProxyCheckPeerName off SSLProxyProtocol TLSv1 <Proxy "https://localhost:8443"> SSLProxyProtocol TLSv1.2 </Proxy> ProxyPass / https://localhost:8443/ ... </VirtualHost> Now I test a request on http://localhost:8080/, which should be forwarded to https://localhost:8443/ using TLSv1.2. With no patch (vanilla 2.4.33), I get the "SSL Library Error: error:140BA0C3:SSL routines:SSL_new:null ssl ctx" because of the <Location> section. This issue is resolved by both Rainer's and my patch. With Rainer's patch, the forwarding happens using TLSv1.0 (which fails). With my patch it works as expected (using TLSv1.2). So I don't think it makes a difference to use either patch for your current production case, but for next 2.4 we probably will go with my patch. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org